The last thing Uber needs at this stage is another controversy to grapple with. After all, it has been dogged by at least 215 allegations of workplace sexual harassment and bullying in the last several years, all of which are being investigated by law firms Perkins Coie and Covington & Burling.

Yet, just yesterday, website Recode revealed that Uber’s president of business in Asia Pacific Eric Alexander had a few years ago somehow obtained the medical records of a woman who was raped by an Uber driver in New Delhi, India in 2014 — someone who was a habitual sexual offender and who, critics say, wasn’t properly screened by the car ride service.

Apparently, Alexander then went on to share those records with Uber CEO Travis Kalanick and senior vice president Emil Michael, as well as numerous senior Uber India employees. Reports suggest that he allegedly did so upon the suspicion that the rape was fabricated by arch rival Ola — just one sordid window into the high stakes games that are often played between rivals in cornering the lucrative Indian ecommerce market. Uber reports that Alexander is no longer with the company as of Wednesday.

LEGAL RAMIFICATIONS

Legal experts are still trying to decipher what this means for Uber from a legal perspective and how Alexander in fact got his finger on those papers. The Verge reports that the Medical Council of India specifically states that anyone trying to get their hands on medical records “must obtain written consent from such person before collecting or using such information and also inform the person about the intended use of such information”.

Sharing those records without consent of the person involved in the case would put a person in further jeopardy of violating the law. Plus, the Delhi police has categorically stated that they would have denied a request to see those papers if Uber had applied for permission to do so.

India’s Right to Information Act allows citizens access to public records but includes strict privacy exemptions. “If anything falls within the zone of privacy it would be a rape survivor’s medical records,” Menaka Guruswamy, a supreme court lawyer, said to the Guardian. Alexander would have had to apply to the court for access. “[Getting permission] would have been deeply unlikely, on the basis of jurisprudence as has been involved in the context of rape trials, and the difference in status that we accord a rape survivor,” added Guruswamy.

According to the Guardian, Uber chose not to respond to the question of whether any official request had been made.

The Recode report is another severe blow to Uber, a company that has not only fired 20 employees for transgressions at its offices after a comprehensive investigation but one that doesn’t seem to care about in-built checks and balances to prevent what seems to be an unending stream of scandals. Its most recent was the “God View”, a tool that Uber employees utilised to monitor and track movement of celebrities and politicians amongst others who hailed the ride service.

The 2014 rape in India, however, was at a whole different level. Not only were the brakes on the service applied by the Delhi government, but Uber was forced to tighten its driver verification processes as well as affix an SOS button on its app. A considerable amount of money and effort was also spent on rehabilitating its image.

If these allegations of improperly — perhaps illegally — accessing a rape victim’s medical report are ture, Uber will have a whole new and far more damaging fiasco to contend with.